toy foes Ta) _ —A Good Practice Guide nT P| | on an Copper Development Association col tera rad 4ICAL DESIG. - A GOOD PRACTICE GUIDE by David Chapman, AMIE CDA Publication 123, December 1997 COPPER DEVELOPMENT ASSOCIATION (Limited by guarantee) is a non-trading organisation sponsored by the copper producers and fabricators to encourage the use of copper and copper alloys and to promote their correct and efficient application. Its services, which include the provision of technical advice and information, are available to those interested in the utilisation of copper in all its aspects, The Association also provides a link between research and the user industries and maintains close contact with other copper development organisations throughout the world MEMBERS, as af Ist January 1997 ASARCO Ine. Boliden MKM Ld Thoms Bolton Lid Brandeis Led The British Non-Ferrous Metals Federation Codeleo Services Ltd Gecaiines Commerciale IMI pic Inco Europe Id oranda Sales Corporation of Canada Ltd Palabora Mining Co, Ltd RIZ Limited Southern Peru Copper Corporation ZCCM Lad ACKNOWLI MENTS Acknowledgements are due to Gi Section 2, to Martin Heathcote for Sect Peter Richardson for his many help ary Marshall (formerly of Roberts and Partners) for the preparation of 1.2.2, 1 Richard Part on whose work Section 7.3 is based and to fomments and su tions, ociation Copper Development As Verulam Industrial Estate 224 London Road St Albans, Herts, ALL TAQ 01727 731200 01727 731216ELECTRICAL DESIGN A GOOD PRACTICE GUIDEPREFACE This book is concemed with the design of electrical installations in buildings with particular reference to the growing incidence of power quality problems and energy efficiency considerations. It presents good practice design solutions to reduce the impact. of power quality problems and explains how electrical efficiency can be improved. Business and financial managers will find much of the material readily accessible despite it's technical bias and will gain a good understanding of the problems, risks and consequential costs that face their organisations. Technical staff, including electrical designers and installation and maintenance engineers, will find detailed information on the causes of power quality problems and strategies for the reduction of their impact. The cost of power quality problems can be very high and include the cost of downtime, loss of customer confidence and, in some cases, equipment damage. The recovery of lost data, including re-entry and re-verification can be very expensive indeed. The unpredictability of this disruption to business operations aggravates the problem and significant management intervention is often required to ensure that recovery operations are carried out logically and efficiently to restore essential business services as quickly as. possible. It has been estimated that 70% of those companies who suffer a major computer disaster fail completely within 18 months. Power problems arise primarily from two causes: interruptions in the public supply, and deficiencies in the customer’s installation. On average, the public supply will be unavailable for about 100 minutes per year, but it is frequently blamed for the many other problems that really arise either in the customer’s own installation or in a neighbouring installation, ‘This publication explains how to identify potential problem areas and design and maintain resilient power systems that are largely immune to both supply and installation problems. Electricity is a very expensive fuel and as much as 8% of the electricity bought by industry is wasted by the use of inefficient plant and poor installation practices. Efficiency can be greatly improved at no cost by careful plant selection and good installation design. Happily, the measures required to improve resilience and those required to improve efficiency are complimentary. The solutions presented are not difficult to implement, especially when introduced early in the design or refurbishment cycle. Well-planned installations, taking into account the types and numbers of loads, with due allowance for load growth, will have substantially reduced incidence of problems and lower running costs over the whole life of the installation. These benefits will be gained with little or no increase in initial installation costCONTENTS 1. Overview of Electricity Supply and the Cost of Failure LL. Electricity supply in the UK. 1.2. Supply availability statistic for UK. 13, Financial impact of power supply failure. 13.1. Introduction 132. Insurance industry statistics. 2 133. Insurers response. é 134. Financial impact. 2,” Reliability In Electr ystems 2.1. Examples of current trends in reliability. 2.2. The importance of reliability assessment 221, Purpose of reliability assessment oo. 222 Benefits of reliability assessments. 223. Assessing reliability, 224 Uncertainty in assessing reliability predications... 225. Application of reliability assessment. 23. Basic concepts.. 23.1. Reliability and unreliability 23.2. Basic reliability forms. 233. Mean time to failure (MTTF).. 234, Mean time between failures (MTBF)... 235. _ Availabilty and meantime to repair (MITTR) 24. ‘The reliability of system and system elements 24.1. Reliability block diagrams... 242. Series rlisbility crn 243, Parallel reliability 244, Calculation examples 25. Application of reliability. 25.1. Power system design philosophy 252. Parallel redundancy and standby modes. 253. Maintainability..e... : vn 253.1. Designing for maintenance. — 254," Cost versus reliability. oo 255. Reliability and safety Power Quality. ‘What is poor power quality?... 1. Supply system quality problems... 2. Installation and load related problems i Power quality survey.. 32.1. Power quality survey findings. 32.2. National extent of power quality problems... Seep 4. Harmonies enn on 44, ‘Types of equipment which generates harmonics . von 4.1.1.” Theoretical background ~ How harmonics are generated : 32 42. Problems caused by harmonics : 42.1, | Hamoni problens within he insaion 421.4. Voltage distortion. 42.12. Zero-crossing noise 4213. Neutral conductor overheating. 4214. Effects on transformers and induction motors... 42.1.5. Nuisance tripping of circuit breaker. : . ' 7 4216. Overstesing of power ft conection capaci = 39 4217. Skim effect nn a 422.” ” Harmonic problems affecting the supply 43. ‘Maintenance and measurement. 43.1. True RMS metering... 43.2. Identifying harmonic problems. 5. Earthing and Earth Leakage enn 5.1. Earthing for safety.52, Earthing in a high leakage current environment. S21 Integrity : 522 Impedance . 52.3. Residual curentcireuit breakers (RCCB) 524. __ Maintenance and housekeeping 53. Noise - functional earthing for sensitive equipment. 53.1, Data interconnection problems. = 532. Star earth configurations. 533. Mesh earth configuration 6. Voltage Dips and Transients. 7. Energy Efficiency . 7A, The cost of energy in UK. .. 7A. Electricity generation in the UK. 72, Energy-efficient motors and transformers. 72.1, Motors 7211. Energy losses 7212. Application of igh efficiency motors 7213. | Eeonomic justification for selecting higheficeny m ‘tr. 72.2.” ‘Transformers. 7221. The nature of ansfome oes: 7222. Loss evaluation 7223. Industrial users 72.24, Dryetype transformers 73. Energy losses in cables... 73.1. The standards issue: BST671 v IEC 1059. 73.1.1. Conductor materia —— 732. | Busbars. 74. Cable installation software packages 8, ___ Future Trends in electrical design 8.1 Load Growth... 82. Age of buildings... 83, Flexibility 9. Good Practice ‘Check List. .FIGURES FIGURE 1 - TWO INDEPENDENT ON-LINE STRINGS... FioURE 2 - STATIC TRANSFER SWITCH IN NORMAL POSITION. FIGURE 3 - STATIC TRANSFER SWITCH IN ALTERNATE POSITION FIGURE 4 - FAILURE RATE AGAINST TIM FIGure 5 - USEFUL LIFETIME FIGURE 6 - EXAMPLE OF RBD_ FIGURE 7 - RC CIRCUIT IN SERIES AND PARALLEL. FIGURE 8 - TWO SWITCHES IN SERIES FIGURE 9 - RELIABILITY DIAGRAM... FIGURE 10 - RELIABILITY BLOCK DIAGRAM .. FIGURE 11 - REDUCED RELIABILITY BLOCK DIAGRAM. FIGURE 12 - 1+] REDUNDANCY FiGure 13 - N+ REDUNDANCY... FIGURE 14 - EXAMPLES OF REDUNDANCY .. FIGURE 15 - COST OF UNRELIABILITY. FIGURE 16 - THREE-PHASE, OR SIX-PULSE, BRIDGE. FIGURE 17 ~ TWELVE-PULSE BRIDGE. FIGURE 18 - CURRENT WAVEFORM IN A LINEAR LOAD... FIGURE 19 - CURRENT WAVEFORM IN A NON-LINEAR LOAD FIGURE 20 - FUNDAMENTAL WITH THIRD AND FIFTH HARMONICS. FIGURE 21 - DISTORTED CURRENT WAVEFORM FIGURE 22 - VOLTAGE DISTORTION CAUSED BY A NON-LINEAR LOAD. FIGURE 23 - SEPARATION OF LINEAR AND NON-LINEAR LOADS. FIGURE 24 - MOTOR DE-RATING CURVE FOR HARMONIC VOLTAGES. FIGURE 25 - SINGLE-ENDED AND DIFFERENTIAL TRANSMISSION FIGURE 26 - OPTICALLY ISOLATED DATA TRANSMISSION. FIGURE 27 - RELATIVE FUEL COSTS PER KWH (1995). FIGURE 28 - % CHANGE IN ENERGY COSTS 1990 TO 1995, FIGURE 29 - COMPARISON OF LOSSES FOR A SINGLE MOTOR INSTALLATION FIGURE 30 - PRIMARY FUELS USED FOR ELECTRICITY GENERATION IN THE UK.. FIGURE 31 - ELECTRICITY CONSUMPTION BY MARKET SEGMENT. FIGURE 32 - LOSS AGAINST LOAD FOR A TYPICAL STANDARD MOTOR. FIGURE 33 - COMPARISON OF EFFICIENCIES OF STANDARD AND HIGH-EFFICIENCY MOTORS 58 FIGURE 34 - MOTOR DE-RATING FACTOR DUE TO UNBALANCED VOLTAGE, 59 FIGURE 35 - RELATIVE LOSSES FOR DIFFERENT TRANSFORMER TYPES .. 62 FIGURE 36 - EVALUATION OF TYPICAL TRANSFORMERS 7 FIGURE 37 - TYPICAL TOTAL COSTISIZE CURVES SHOWING TOTAL COSTS INK PER 100M OF THREE PHASE, INSULATED PVC/SWA : — FIGURE 38 - AGE OF OFFICE BUILDING STOCK IN THE UK.. FIGURE 39 - AGE OF FACTORY BUILDING STOCK IN THE UK.. TABLES ‘TABLE I - TYPICAL SUPPLY IMPEDANCE IN DIFFERENT COUNTRIES, ‘TABLE 2 - ESTIMATED ANNUAL LOSSES TO UK BUSINESS FROM COMPUTER SYSTEM DISASTERS. ‘TABLE 3 ~ BUSINESS INTERRUPTION AND FIRE INSURANCE CLAIMS STATISTICS - GROSS INCURRED CLAIMS ‘TABLE 4 - FREQUENCY OF OCCURRENCE OF POWER QUALITY PROBLEMS... . ‘TABLE 5 - SCALE OF OCCURRENCE OF POWER QUALITY PROBLEMS (ATLEAST ONCE PER YEAR). ‘TABLE 6 - REPORTED MAIN SOURCES OF POWER QUALITY PROBLEMS. ‘TABLE 7 - POTENTIAL EXTENT OF POWER QUALITY PROBLEMS IN THE UK non ‘TABLE 8 - COMPARISON BETWEEN A STANDARD AND HIGH-EFFICIENCY INSTALLATION, ‘TABLE 9 - ANNUAL PRODUCTION OF POLLUTANTS IN THE UK (1992) ‘TABLE 10 - TYPICAL FIRST COST AND LOSS DATA FOR TRANSFORMER TYPES. ‘TABLE 1] ~ EVALUATION OF TYPICAL TRANSFORMERS. ‘TABLE 12 - ASSESSMENT USING TRUE LIFETIME COST OF LOSSES; NO-LOAD LOSS - /, LOAD LOSS ~ £2152KW. 63 ‘TABLE 13 - INDUSTRIAL AND COMMERCIAL CONSUMPTION, 1984 TO 1994. 70Introduction New problems are arising in electrical services installations in today's high-density commercial and industrial buildings, largely caused by quantity of electronic equipment in use. At the same time, the efficiency of electrical plant is being examined more carefully as concern over the release of greenhouse ‘gasses grows. This publication examines the associated risks and costs and discusses how good design practices can reduce them. ‘The potential costs to businesses of power failures and disturbances can be very high indeed and managers need to understand the risks and know how they can be assessed and reduced. ‘The term ‘good power quality’ can be used to describe a power supply that is always available, always within voltage and frequency tolerances, and has a pure noise-free sinusoidal wave shape. "Poor power quality’ describes any supply that deviates from this ideal; whether or not the deviation is important depends entirely on the purpose of the installation, the design of the equipment and the design of the installation. Poor power quality may be apparent as supply interruptions, voltage dips, transients and noise, harmonic distortion or earth leakage. Some risks, such as a failure inthe supply distribution system, are outside the direct control of the user but it is important to realise thatthe impact of such a failure can be reduced if appropriate measures are taken in the design ofthe installation, Risk reduction may require the provision of an un-interuptible power supply, a local standby generator, a second redundant feed from the National Grid or a combination of any of these. ‘The costs can vary over a wide range, and must be balanced against the potential risk. Many enterprises where data is central to the operation wall find the extra investment worthwhile. In safety critical or data Critical operations, where the cost of the potential disruption can be high in terms of human life or financial impact, even high cost solutions will be fully justified. Other risks arise from the design of the uset’s installation, the specification of the electrical plant or the type of equipment required by the nature of the business activity. The layout of the cabling and cross-sectional area of the conductors may not have been specified with harmonic generating loads in mind, so that interference and overheating may result. Separate circuits may not have been provided for heavy motor Toads, so that switching produces transient spikes and the starting current causes voltage dips that can adversely affect other, more sensitive, equipment. Computer equipment, in common with most modem electronic equipment, makes use of switched mode power supplies. These are smaller, lighter and more efficient than traditional transformer units but have the major disadvantage that they generate high levels of harmonic currents in the mains supply. Where a number of computers is installed, these harmonic currents can reach high levels, especially inthe neutral of three-phase supplies, leading to overheating and the risk of fire. Such equipment also produces earth leakage currents that have serious safety implications in many installations and may cause interference and data loss in communications systems. ‘A welkdesigned electrical system will also take account of energy efficiency. Not only should high- ‘efficiency plant, such as energy efficient motors and transformers, be selected, but the best practice low loss installation standards should also be applied. Often this means using conductors that are two standard sizes larger than the minimum size for thermal safety suggested by national codes. Although the larger cable is, ‘more expensive to purchase, the total installation cost is only slightly increased, and the outlay is quickly recovered in lower fuel bills. ‘The publication is divided into the following sections: © Overview of electricity supply and the cost of failure © Reliability © Power quality © Harmonics ¢ Earth leakage © Energy efficiency © Future trendsSection 1 - Overview of electricity supply and the cost of failure ‘The structure of the electricity supply industry and the supply availabilty that can be expected is outlined ‘and the financial impact of power failures and poor power quality are examined. Section 2 - Reliability This section discusses measures to ensure thatthe reliability of the supply is appropriate to the nature of the ‘operation, for example by the provision of un-interruptible power supply (UPS) units, or by providing dual circuits in critical areas. Background theory and example calculations are presented. Section 34,5 and 6 - Power Quality, Harmonics, Earth Leakage and Voltage Dips and Transients Power quality problems have become very important in recent years. The term is used to encompass supply defects, such as: + harmonic problems ‘* carth leakage and noise problems ‘+ transients, voltage dips and interruptions ‘The causes, symptoms and solutions are discussed in three separate sections. Section 7 - Energy Efficiency It is not generally realised that up to 8% of electricity bought by customers is wasted due to poor installation practice and poor selection of plant Installation Standards specify minimum cable sizes consistent with ‘thermal safety, i, such that the temperature is just low enough not to cause failure of the insulation. This ‘means that many cables run at temperatures of up to 70°C or even 90°C and the energy to generate this heat is being paid for. When the cost of this energy is taken into account in a whole lifetime calculation it is apparent that the lowest overall cost is achieved by installing larger cables giving lower running costs, ‘Motors consume about £4 billion worth of electricity every year in the UK. The use of high efficiency ‘motors, now available with no price premium, would reduce UK industrial electricity bills by about £300 million per year. s ‘A complete publication on efficiency, ‘Electrical Energy Efficiency’, Publication 116, is DA. lable from Section 8 ~ Future Trends ‘This section looks at factors influencing future installation practice, such as the age of building stock, load growth, flexibility and cost1. Overview of Electricity Supply and the Cost of Failure industry in England and Wales is logically split into Generators (who produce electricity) and Suppliers (who buy from the generators and sell to users) who trade electricity through the Electricity Pool. In reality, many companies are both suppliers and generators, The Pool is regulated by its members and operated by the National Grid Company who also own and operate the distribution grid. Commercial contracts between the generators and suppliers are used to hedge against the uncertainty of future prices in the pool. Blectricité de France (EdF), Scottish Power and Scottish Hydro Power are external members of the Pool and each of these has a number of commercially negotiated contracts to sell electricity to the suppliers in England and Wales. The Regional Electricity Companies (RECs) supply electricity to customers in their own area but may also compete to supply customers nation-wide. ‘The main generators also operate their own supply businesses, as do some other companies such as Scottish Power, Scottish Hydro Power, individual large users and trading companies. Progressively since 1990, large customers, intially those with peak loads greater than 1 MW and now those ‘over 100 KW, have been able to select their supplier. By early 1995, 75% of supplies to non-domestic ‘customers were from a supplier other than the geographically appropriate REC. Of course, whoever supplies the electricity, it arrives at the customer's site over the distribution system belonging to the geographically local REC. As far as security of supply is concemed, itis the REC responsible for delivery of the power that matters as far as reliability is concerned. Domestic and small industrial users buy their electricity from the local REC at controlled fixed prices. By contrast, the Pool price is set half-hourly to reflect the supply situation prevailing at the time. ‘Although the average industrial price in 1994 was 4.43p per kWh, the actual Pool price varies greatly; on ‘two occasions in December 1995, poor weather conditions caused abnormally high demand resulting in 2 Pool price of over £1 per kWh. Several industrial users were forced to temporarily shut down their operations as a result. In 1994 7% of the generated energy, amounting to over 24 TWh - worth £1 billion, was attributed to transmission losses (including measurement errors), while electricity imported via the Anglo-French sub- channel link made up 2% of the total available power. Short-term non-availability of this link, together with the longer-term failure of a relatively few items of equipment at UK power stations threatened large-scale power blackouts on at least four occasions in the first half of 1996. 1.2. Supply availability statistic for UK Tn 1995/6, the Utilities in the UK. achieved an average supply availability of 99.98%". ‘This seems very ‘impressive, but to the average customer it represents unpredictable disconnections totalling 97 minutes per ‘year with 90% of all customers experiencing one or more interruptions, ‘These performance figures are somewhat misleading because interruptions of less than one minute are not reported. To many commercial operations, an interruption of just 1 second is as disruptive as one of, say, ten minutes. For example, if a computer system loses power all the in-hand data will be lost and older data already stored may be corrupted. Recovery will require re-booting of the system, verification and restoration of older data and re-entry of recent data, The duration of the power cut is of little concern! Short interruptions (less than one minute) are very common and most are caused by auto-reclosers operating to clear transient faults that might otherwise have become longer duration interruptions. Such problems must now be seen as a fact of life and it is left to the customer to take steps to protect his operation. ‘As would be expected there are wide variations among the RECs; rural areas are more likely to experience ‘power interruptions and itis likely that restoration will take longer. For 1995/6 average total disconnection rates ranged from 33 to 223 per 100 customers per year with total disconnection times from 54 minutes to 233 minutes per customer per year. Over the last ten years, the best and worst disconnection levels achieved were 20 and 285 disconnections per 100 customers per year with total disconnection times from 45 to 1300 minutes per customer per year.‘There are no national statistics for other power quality defects, such as voltage dips, transients and harmonic pollution, but the number of customer complaints received by OFFER concerning the quality of supply rose by 23% in 1996 and has risen by 41% between 1991 and 1996. These figures include complaints relating to interruptions, ‘The susceptibility of the supply network to harmonic pollution is partly determined by the impedance of the lines - this is explained in Section 2.5.5. Since the UK has maintained a narrow voltage tolerance since 1937, the impedance of the system is generally lower than that found in other countries. The Table | below shows the phase to neutral impedance for consumers in various countries, (Note that tap changing is ‘employed to maintain the voltage within tolerance ~ much lower source impedance would otherwise be required.) These are average figures; they reflect wide variations in the balance between rural and urban areas as well as differences in national policy. ‘Table 1 - Typical supply impedance in different countries [country Tmpedance (@) 98% 95% 90% 85% Belgium 0.639033 | 03275017 | 028+)0.15 France 0554 jo34 | 045+j025 | 0344 j021 Germany 0.454025 | 036+j021 | O31+j017 Ireland 1a7 +7064 | 126%j060 | 103+j055 | 094+j043 Taly 05943032 | 048% j026 | 044+ j024 ‘Netherlands| O70+j025 | oat jo21 | 032+j017 ‘Switzerland 060+ j036 | 042+j025 | 030+;0.18 United Kingdom 046 +3045 025 +5023 7 USSR 0.63+j030 | 050+j0.26 1,3. Financial impact of power supply failure 1.3.1. Introduction ‘The effect of power failure on the activities of an enterprise depends on many factors, not least on the nature of the business. Data processing activities ae particularly susceptible, especially if data must be processed in real time such as stock trading and banking transection processing. Current data will be lost, data storage devices may be corrupted and the whole network will have to be rebooted - a process which can take several hours. Lost data must be restored from backup and that which had not yet been backed-up must be re- keyed. As well as the cost ofthis recovery exercise and the break in customer service, there may be longer- term effects due to loss of customer confidence plus the possibilty of introducing new errors. In industrial processing, a power failure will halt production which, in a continuous process, may result in the waste of feed stocks and cause considerable expense in the removal and disposal of partially processed product. If the plant is producing manufactured items for stock, the business disruption may be tolerable, but if the product has a limited market lifetime, such as a national daily newspaper, the effect can be catastrophic. Following a missed edition, sales of daily titles remain depressed for an extended period of several weeks. Hospitals are particularly at risk. Modem medicine relies heavily on electronic monitoring, and failure of the supply or equipment may result in loss of life. In a recent case in Honduras fourteen intensive care patients died during a power failure caused by rodent damage to the electrical installation. ‘The acceptable risk can be judged only by those responsible for running the enterprise, but decisions should bbe the result of careful assessment of the likely cost of failure and the identifiable cost of prevention. It must be borne in mind that protection has only to be bought once; disasters do strike twice.Research in the United States * shows that only 43% of businesses that suffer a disaster ever resume business and only 29% of these are in business two years later. Of those businesses which lost their data centre for ten days or more 93% went bankrupt within one year. No overall figures are available for the costs incurred as a result of power failures, possibly because many ‘managements would find them acutely embarrassing. However, a recent study "has examined the incidence of problems associated with computer systems and this is discussed in the next section, ‘Computer Installation Losses MACE (Management Accountancy Computer Education) estimate that in the UK there are 80,000 businesses with computer installations which report on average, 60 computer disasters per annum which are classified as ‘advanced’, critical’ or ‘intense’. These terms are defined as: Advanced’ an interruption to the workload which will cause an extended but known delay in user's ‘Critical’ an interruption which forces the computer site to shut down - some data loss due to the shutdown, but backups can be used to restore the missing data “Intense! an interruption that will result in major financial loss or put the survival of the company at stake - the equipment is a total write off. ‘These 80,000 computer installations are made up of over 100,000 mainframe, mini-computers and workstations, together with a further 2.5 million PCs of which over 50% are networked. ‘The estimated annual losses from 1989 to 1995 are shown in Table 2. Table 2 - Estimated annual losses to UK business from computer system disasters ‘Year ‘Annual Loss (£ Billion) 1989 3.87 190 3.09 1991 273 1992 287 1993 I 2.90 1994 2.91 1995 2.94 ‘The annual losses reported above can be attributed to a wide range of causes inchuding Contamination (e.g. dust) _—Fire/Smoke/High winds Water (leakage/floods) Abnormal heavhumidity Infestation (insects/rodents) _Staff-related Theft Unreliable power supplies System design failures Nationa Archives and Records Administration, Washington, DC Management Accountancy Computer Evcaton studyEffect of Power related failure MACE estimate that up to 60% of computer system service calls are power related and that approximately 28% of computer system breakdowns are the result of power failure. This would imply that of the 1995 losses of £2.94bn, about £800m could be power related. ‘Typical effects of power failure and disturbance are: - Blackout ‘Damage to storage drives, Data loss Brownout (Overheating, Corrupted data ‘Transient Noise Damage to storage drives, Component stress, Data interruption/loss| Frequency Variations, | Component stress, Unreliable data, Data interruption/loss Surges, Sags Consequences of Power-related Failures The main consequences of power failure impacting on computer systems can be categorised as follows: * Costly computer system downtime - several hours to reconfigure a network. + Corrupted data and keyboard lock-ups. ‘+ Loss of operational data. ‘© Loss of communications. 1.3.2. Insurance industry statistics ‘Telephone discussions were conducted with a number of insurance companies as well as relevant organisations - Loss Prevention Council, Association of British Insurers, AIRMIC (Association of Insurers and Risk Managers) - to gauge the level of interest in, and importance attributed to, the issue of power quality ‘The main organisation in the UK producing statistics on insurance claims is the Association of British Insurers (ABI). While the ABI does not produce statistics on claims resulting from problems with electrical installations, it does produce statistics on fire and business interruption. The statistics are based on information supplied by both members and non-members of the Association. Table 3 - Business interruption and fire insurance elaims statistics - gross incurred claims Fire Insurance Business Interruption Claims Year [Commercial Claims | Following Fire] Following Weather | TOTAL (em) ‘Damage (£m) Damage (£m) (ém) 1992 13 139 2 T 140 1993, 423 104 7 i 1994 424 188 17 205 [Tiss 392 18 2 175 1996 85 19 6 206 Insurance industry sources suggest that the causaU/contributory element atrbutable to inadequate electrical installations may be as high as 20% - about £100m in 1996 in the case of fire claims and up to £40m of business interruption. Business interruption insurance makes good reduction in profit or increased costs incurred in keeping the ‘business going following physical damage to the insured business or, in certain circumstances, that of neighbouring or supplying businesses. Business interruption insurance is available from gencral insurers against losses from, for example, fire and flood. However, it does not cover loss of profit arising from the breakdown of plant and machinery, as this specifically requires an engineering business interruption policy for which statistics are not available.1. Insurers response A small number of insurance companies, brokers and risk specialists in the UK do offer computer coverage. ‘Awareness of the importance of power quality among insurers is low, although premium reductions are often attainable if the prospective insured has the following attributes: ‘* A comprehensive contingency plan in place and tested ‘© Uninterruptible power supplies installed ‘* Emergency power system capable of 10 minutes of sustained power. 1.3.4, Financial impact This section has identified many of the costs associated with power failure and power disturbances, The magnitude of these costs will vary enormously across different industries depending on the type of activity and safety issues but most managers will be able to identify and quantify the risks facing their own operations. Once the risks have been quantified, an assessment of the appropriate preventative measures can be made using the following sections for guidance.2. Reliability In Electrical Power Systems The subject of reliability is pethaps less familiar to the building services engineer than to engineers in the telecommunications and electronics industry where reliability predictions are common practice. In this section, topics such as redundancy, resilience and parallel paths are introduced and the principles behind reliability in electrical power distribution systems are explained. ‘The concept of reliability became important in the mid-1940s when the complexity of systems began to increase rapidly as the electronic content grew. The development of advanced weapons systems and the carly work on electronic computers stimulated the study of reliability. More recently, with the application of complex electrical and electronic systems in the telecommunications, nuclear and space industries, a ‘complete new science of reliability has emerged. In the context of this publication we are concemed only ‘with reliability as it is applied to the power distribution system and not with the equipment it powers. ‘The reliability expectations of power distribution systems have increased because of the critical nature of some of the systems supplied and the high costs associated with failures. For example loss of power to an air traffic control installation or a medical system could be life threatening and it is common for such sites to have a standby supply of some sort. Power loss to a computer data processing system can incur high costs due to loss of data and long recovery periods. The larger the computer system, the longer will be the recovery period after a power supply disruption and, for some of the larger installations, this can be 7 hours or more, Data processing installations are now extremely important to commerce and industry and consequently feature strongly in the examples and illustrations given here. This is not meant to imply that they are the only important types of installation; production processes are also badly affected by power failure resulting in waste of raw materials, lost production time and wage costs, However, since computer systems are now central fo almost every enterprise, they are used as an example to which most managers and engineers will easily relate ‘Computer systems are notoriously sensitive to poor quality mains supplies and the Electric Data Processing (EDP) supply specification is much tighter than any mains supply specification. Tolerances for durations of less than 10ms are typically: - Voltage 45% Frequency SOHZ+1% i.e. 49.510 50.5Hz For personal computer systems the requirements are: - No deviation or break >iSms Spike free >akV Total harmonic voltage distortion <10% Voltage, steady state 41% Frequency, dynamic 1% Slew rate (Rate of change of frequency) <0,sHz/s Neutral-earth potential difference sv No electricity supplier could provide a public supply meeting these specifications at an economic price level, so the user must install suitable power conditioning and distribution equipment to provide the required level of security. Of course, the extra equipment will contribute an unreliability of its own which must be taken into account. Availability ‘A major consideration for system designers and users is service availability, that is, the proportion of time that an adequate service is provided. Availability must be carefully specified; the power supply availability ‘may be 0,999886, equivalent to one hour total non-availability in one year, but the system availability will bbe less because of the time required to re-establish operations.‘As an example, for a computer network requiting 7 hours to re-boot and restore, a single one hour interruption per year would result in a non-availability of 8 hours ~ an overall availability of 0.9991. If the power supply failed for 10 seconds every day - equivalent to one hour per year - then the non-availability ‘would be seven hours per day, or 2,555 hours per year, an availability of only 0.71. The availability of the power supply has not changed, but that of the system has been seriously reduced by the frequency of supply interruption. While the former scenario may be tolerable for some operations, the latter would certainly be totally ‘unacceptable. Availability may be an important specification but it does not tell the whole story and must be interpreted carefully. This subject is discussed in more detail further on in this section, Reliability, resilience and redundaney Reliability is a measure of the probability that a component or system will remain operational for the required lifetime. Methods of calculating overall reliability from that of the individual components are given in Section 2.3.2 Resilience is the ability of a system to remain operational after the failure of at least one of its components. Usually this is achieved by providing parallel paths so that failure of one of them does not cause the whole system to fail; ie. at least one path is redundant in normal operation. Because a resilient system must ‘experience more than one failure before becoming unserviceable, overall system reliability is improved. If ‘good maintenance procedures are in place the failure in the redundant path should have been repaired well before a second failure occurs. 2.1, Examples of current trends in reliability ‘The objective of modern installation design is to provide a continuous supply to critical loads, In most situations, the steps taken to achieve this will include some of the following: - ‘© Provision of a separate, independent supply from the grid + Provision of a standby generator + Provision of an uninterruptible power supply + Dualling of the distribution system, including any local transformers, busbars ete. # Separation of eritical and non-critical loads # Provision of maintenance facilites to enable servicing without removing power from critical loads, ‘The implementation of some of these steps has been eased by two particular product developments; the static transfer switch and transistorised static UPS modules with digital control. ‘Two independent on-line strings in parallel ‘A dual string installation is shown in Figure 1. This design has two independent supplies from separate grid points backed up by two independent standby generators. Power ftom either input rail can be routed to either or both output rails directly or via either of two UPS units. Static transfer switches (STS) are used to connect and isolate equipment and paths as required. This example is symmetrical and assumes that the Joads on each output are equally critical in other circumstances, one output may be used to supply highly critical loads while the other supplies normal loads. In normal service power from one supply would be routed to both outputs via a UPS. In the event of a supply failure, connection would be made to the alternate supply with the UPS providing power during the short changeover period. Ifthe alternate supply ‘were unavailable, then a standby generator would be started and once up to speed, connected tothe system again @ UPS would provide power during the start-up delay. If both supplies and both generators should fail, or be out of service for maintenance, then the UPS units would be used to supply the output rails independently. Load shedding would then be applied to extend the life ofthe supply. ‘This is an extreme example. It would be expensive to implement but may be justifiable in situations wh loss of life of serious financial loss may result from failure. It is used to illustrate what can be achieved; a subset of this system would be appropriate in most cases based on a critical examination of the risks involved and the cost of protection.It is worth noting that the control algorithm (which would probably be semi-automatic with manual intervention) for a scheme such as this would be somewhat complex and would itself require a careful reliability study. Figure 1 - Two independent on-line strings cna oven x x x x | | | I x xXx x op xg ves rs? xx xX xX XX | | Static transfer switch ‘The primary purpose of the static transfer switch (STS) is to allow virtually uninterrupted transfer of the critical load from one AC power source to another. It can switch between two or more power sources ot Joads at high speed in response to a small control signal, has very low resistance when turned 'on' and very high impedance when switched ‘off. A fast break-before-make switching scheme is employed to avoid overlapping transfers (connecting together the two sources). ‘The STS is based on a solid-state device, the thyristor or silicon controlled rectifier (SCR). The thyristor is a rectifier (ie. it conducts in only one direction) which can be controlled by a relatively small gate current. If the gate current is flowing, then the main load current will also flow. Once established, forward ‘conduction will continue - even if the gate current is removed - and will only cease when the load current reduces to less than the minimum holding value for the device. This will happen at the end of each half-cycle when the applied voltage reverses, so the device must be tured on at the start of each half-eyce. Since the thyristor is unidirectional, two anti-parallel devices are required to conduct AC. Figure 2 shows a single-phase two-way STS. Figure 2 - Static transfer switch in normal position Preferred Power Source £ Output to Critical Loa ‘Alerative Power Source ‘During normal operation, the pair of thyristors associated with the preferred source are turned on at the start of each half-cycle, while those associated with the alternate source are not (in Figure 2, the bold lines denote conduction). ‘Sensing cireuits constantly monitor the states of the preferred and alternate sources and feed the information to a supervisory microprocessor controller. Upon sensing the loss of the preferred source, the microprocessor control stops providing gate currents to the preferred-side thyristors and, when the preferred-side current is zero, provides gate current to the thyristors om the alternate side (denoted by the bold lines in Figure 3). The transfer from the preferred to the alternate source is so fast (normally less than. 14 electrical cycle), that even the most sensitive electrical or electronic loads are unable to determine its Figure 3 - Static transfer switch in alternate position Preferred Power Source ~ Output to Critical Loa ‘Altemative Power Source Since it is entirely based on solid state technology, the STS has no mechanical moving parts and thus ‘requires minimal maintenance. It has an AC to AC efficiency between 98% and 99% and so does not require any dedicated air conditioning.‘An STS coupled with two or more sources of power has been used instead of a UPS, the advantage being that there is no requirement for batteries or routine maintenance. For this approach to be effective the two ower sources must be truly independent (i.e. they will not both fail asa result ofa single failure either on- site or in the grid distribution system) and must be continuously available (there is no time to wait for a generator to start up!) ‘Transistorised static UPS module with digital control Until recently, transistorised UPS modules have been limited to about 400kVA because of the size of transistors available, Now modules are available up to 1200kVA coupled with the digital control that allows fast reaction to load variations. ‘The advantages of the new transistorised UPS modules are as follows: - 1) Low output voltage distortion (providing the crest factor of the module is not exceeded). 2) Fast transfer to bypass. 3) Compact construction. 4) Ability to handle load disturbances. 5) Low cost. ‘Taken together, these developments have allowed engineers to design extremely robust power distribution systems for critical loads. 2.2. The importance of reliability assessment Improving reliability will always involve some additional expenditure because, for example, redundant paths require additional cabling and equipment and high reliability equipment may attract premium prices. ‘There will be many routes to achieving a particular level of reliability for an instalation and each will have an associated cost. Selecting the optimum approach requires a careful analysis ofthe site requirements, the financial, business and safety risks posed by failure andthe cost of each solution. An understanding of reliability principles will allow systems to be designed for specific degrees of reliability and service availability by, for instance, using appropriate amounts of redundancy. System designers and planners can make informed decisions about the trade-offs between reliability and costs and can allocate the reliability requirements among the various elements of a system in order to minimise overall costs. As technology advances and electro-mechanical devices are replaced by solid state devices, itis generally assumed that new systems will be more reliable than their predecessors. However, the increasing complexity of solid-state systems means that there are many more components involved, each of which has 8 finite reliability. The probability of failure must be minimised by careful design and by introducing redundant elements arranged so that they can take over until the faulty elements have been identified and repaired, 2.2.1. Purpose of reliability assessment ‘The principal purposes of reliability assessment, taken from BS5760: Part 2 1994, ‘Guide to the Assessment of Reliability’, includes the following: (@ to provide an carly indication of the potential of a system to meet a stated reliability requirement; (b) to reveal aspects of the design that require particular attention to reliability or that present high risks in relation to the requirements; (©) to provide as basis for reliability apportionment (eg. for use by sub-contractors whose subsystems are required 10 meet reliability requirements delegated to them) and also to establish the reiability required of an item; (@ to provide inputs to studies that may influence product design, such as design reviews, design evaluation, trade-off studies, lif cycle costing, maintenance support, logistics studies and safety analysis. For example, assessment may highlight particular areas where an acceptable relaxation 10in performance could produce a major saving in life cycle costs; (©) to establish whether the production process has adversely affected reliability; (to establish whether an item in service has performed or is performing with the reliability required, and whether it is likely to continue performing adequately for the remainder of its generated life; (g) to contribute to safety studies of an item (ir is necessary 10 distinguish between the operation and the safety requirements for reliability); (h) —toeestimate and control the effects of design changes on reliability; (i) to provide input to logistic support analysis, spares ranging and scaling, hazard analysis and related maintenance studies. In any assessment it is important to present the information results clearly with any limitations and assumptions clearly identified. Reliability assessments are an aid to good engineering but cannot function alone. ‘The designer must carefully interpret the results to ensure that the optimum solution is achieved, 2.2.2, Benefits of reliability assessments Reliability assessments enable system designers and planners to make informed judgements and decisions about the: - * choice of system configuration manufacturer of the equipment ‘type of components/equipment ‘© interface to other equipment © trade-offs between reliability and cost ‘© choice of system that best meets the client's brief ‘The assessment provides a failure probability figure for the system based upon known or estimated statistical failure rates for each component. It does not indicate thatthe system will not fail more frequently = itis a guide to the average reliability. No manufacturer can provide a lifetime guarantee for the reliability of their products! 2.2.3, Assessing reliability ‘The following are some of the factors that contribute to the difficulty of assessing reliability accurately. © Inconsistency in manufacture - not all components will have exactly the same lifetime © Consequential damage (or over-stressing) of a component caused by partial or catastrophic failure of another ‘+ Incomplete repair, e.g. components which may have been over-stressed by the failure of another were not replaced and may have shortened lifetimes. © Poot replacement, e.g. replacement components not of same quality as those originally fitted ‘© Failures not being accurately reported and therefore not included in statistics ‘* Environmental factors, e.g. systems run at higher temperatures will experience shorter lifetime '* Problems due to poor maintenance, e.g. failure to keep air vents clear will cause local hot-spots and, result in earlier failure 2 ‘Uncertainty in assessing reliability predications It is important to appreciate that reliability predictions are subject to uncertainty. ‘This arises from a number of factors: '* There is an inherent uncertainty in transferring failure (or success) data to different applications and environments. © Itmay be unclear what constitutes a failure in various situations. 1© The effect of human actions and interpretations may be uncertain, ‘* Predications are naturally based upon historical data. Differences in technology, changes in design team personnel and the changing specification of the product all introduce possible sources of error into predictions. * The rate of occurrence of failure may not be constant with respect to time. © Predication methods often have to be over simplified in order to make problems tractable. ‘© Confidence limits with respect to the statistical data being assessed. 2.2.5. Application of reliability assessments Reliability assessments are an aid to good engineering and consideration should be given tothe following: - * Well-proven engineering practices, + All statistical information is assessed to a common base. ‘+ Previous designs and processes should be reviewed to determine the capability of the new product. ‘© Statistical analysis should always be tempered by engineering judgement. Parallel redundancy for ‘example, can be introduced to improve the overall probebility of successful operation of a system, but it may not be effective ifthe same inherent fault mechanisms exist within the parallel items. Reliability is the product of the component count and the number of redundant paths that will allow the Product or system to perform satisfactorily until the faulty elements have been repaired. ‘Therefore, the less complex the system you design, with fewer components and more redundant paths, the ‘more reliable the system will perform without loss of power. 2.3. Basic concepts 2.3.1. Reliability and unreliability ‘The British Standard BS 4778 Section 3.1 1991 and Section 3.2 define reliability as “the characteristic of an item expressed by the probability that it performs a required function under required conditions for a stated period of time”, ‘When assessing the reliability of a product there are four important elements to be considered as follows: - @ Function ©) Conditions of use (©) Time interval (@) Probability ‘These elements are defined in to BS 5760 Part 2 1994, ‘Guide to the Assessment of Reliability’, Section 4 Reliability is difficult and time consuming to measure. The accurate assessment of the reliability of a product in use requires a long time or a large number of samples in order to gain statistical confidence in the assessment. During the design phase, when the product is largely conceptual, or during development, when only prototypes exist, reliability can be more difficult to assess. At this stage, reliability estimates are often made based on experience with similar products and earlier generations. Reliability data accumulates during development and the early phases of introduction to use. Some failures may be obvious, such as the blowing of a light bulb, but in other cases, it may be much harder to determine that a failure has occurred. For example, a complex electronic circuit that must meet a detailed specification has failed if any of its parameters have moved outside their specified limits although this may not be apparent to the user. An electronic interface circuit may be required to have a certain immunity to noise voltage; failure to maintain this immunity would not be noticed under noise free conditions, but the symptoms would be apparent under more extreme conditions. It is likely to be difficult to localise the 2Failure may occur as catastrophic failure, ie. it is complete and sudden, like a light bulb failing, or as degradation, ic. itis gradual or partial, like an electronic unit moving outside specification. In the case of an electrical supply, a complete loss of power would be catastrophic failure, while voltage or frequency deviation would be regarded as degradation. A failure is primary if tis not caused by failure in another part of the system, and is secondary if it is the result ofthe failure of another part of the system. Reliability data can only give information about primary failure. 2.3.2. Basic reliability formulas If the number of components tested is N,, the number of components which fail in time t is Ny and the ‘number which survive is N,, then Retabiliy, R( Ny RO Equation 1 where R(t) is known as the reliability function, and Unreliability, Q(t) = “@ Equation 2 where N{t) is the number of failures to time t. Q(0) is also called the failure probability Failure Rate ‘The probability density f(t) is probably the most fundamental function in reliability theory. -___ Failures during day ' area peer 8) ae We need to relate the numberof components that filed on a particular day tothe number of components that were exposed to failure on the same day, not the initial number of components. This jis a conditional pobebility Because it it the probability of failure on a given day, subject to the condition that the Component has survived to that day and is known asthe failure rate, or hazard rate (0), defined 3: ~ No of failures in unit time eee uation 4 0) oof componens exposed to fale oe Failure rate curves Figure 4 shows the failure rate A(t), plotted against time measured in days. It is often referred to as a “bathtub curve’ and is typical of that obtained for many electronic components. It has three distinct sections: Early life or burn-in This is the period (up to day 4 in this illustration), when A() is decreasing as weak or substandard components fail. Its known as the early life, carly filue, infant mortality or burn-in period. The reasons for the first three terms should be obvious. Burn-in is a process sometimes used in the final stages of ‘manufacture of components in order to weed out early failures. It involves the components being run under ‘normal conditions (or controlled conditions somewhat more severe than normal to accelerate the process) for sufficiently long to get through the early life period. Useful life - normal operating period This is a period of effectively constant, relatively low A(t) (from day 5 to day 31 in Figure 4), known as the ‘useful life or normal operating period, During this time, the failure rate is independent of the time for which the component has been run. In other words, the probability of failure of a component is the same throughout this period. BFigure 4 - Failure rate against time 1h 10 09 Faiture 08 to 07 oe} 05 04 03, 02 on 35 7 9 11 13 15 17 19 21 23 25 27 20 31 33 35 37 Elapsed Time (days) Wear-out - old age ‘This is the period, when the failure rate increases steeply with time (beyond day 31 in this illustration), known as the wear-out or old age period. ‘The bathtub curve describes the behaviour that might well be expected for many types of component, or even for complex systems such as a UPS. Taking the familiar example of light bulbs, failures during early life might be due to filaments that have been badly attached to their supports, that have been locally drawn too thin or that have nicks in them. Another cause of early failure could be leaky glass envelopes, leading to filament oxidisation. During useful life the filaments gradually evaporate and become thinner until they break, usually under the thermal stress induced by current surges at switch on. If all bulbs were identical and were operated under identical conditions, they would all fail at the same time. However, since no ‘manufacturing process will produce identical components, some will have serious faults leading to failure during early life, and the failure rate decreases as the weaker components are weeded out. Similarly, it is reasonable to expecta range of failure times during the wear-out period. In the case of light bulbs, filament ‘composition, thickness, length and shape will vary slightly from bulb to bulb, thus leading toa spread in the time at which they finally break. As the bulbs get older, their probability of failure increases, giving a steep rise on the right-hand side of the bathtub curve. Memory-tess process or catastrophic failure Itis perhaps harder to see why there should be any failures at all during the normal operating period, once carly failures have been weeded out and there has not yet been any significant wear. A detailed analysis of the numerous ways in which a light bulb could fail would be extremely complex because of the variety of ‘mechanical, thermal and chemical processes that can take place. The wide range of possibilities, each with its own time dependence, averages out to produce a failure probability that is effectively independent of time. The process is referred to as memory-less, because the probability of failure is independent of Previous history. These failures are also sometimes called catastrophic because they are unexpected. Figure 5 shows a sketch of a typical bathtub curve. Useful life extends from T, to Ts, ic. after eatly life failures have occurred and before wear-out starts to be significant. Failure rate during useful life ‘The manufacture of components and assemblies often involves a burn-in process so that those subject to carly life failure can be removed from the supply chain, In many cases, electronic components do not reach their wear-out period during operational life - they may have useful lives that are much longer than the operational life of the system in which they are used. Routine maintenance procedures may be designed to mensure that components are replaced well before the onset of wear-out. Because of this, itis often possible to assume that components are run only during their period of useful life and that they have a constant failure rate, iy, Figure 5 - Useful lifetime tye sett ite Woarcut Faire Rate co) 2.3.3. Mean time to failure (MTTF) The mean time to failure is a term that is applied to non-repairable parts such as light bulbs and is a measurement of the average time to failure of a large number of similar parts which operate under specified conditions. The conditions of test are important, for example an increase in the operating temperature of ‘most components will reduce the MTTF. MTTF may be calculated from the equation: - ‘Sum of time to failure of each component MTTF ‘No of components under test In practice, the MTTF is often calculated from data taken over a period of time in which not all the ‘components fail, In this case ‘Total operating time for all components No of failures at that time MTTF Equation 5 ‘The relationship between MTTF and the parameter 2 holds only for exponential distribution, ‘The MTTF can be estimated from the results of reliability tests or from statistics by keeping records of component failures. This can form part of the servicing/maintenance procedures for equipment, Example ‘The maintenance records for a large organisation show that during a period corresponding to 1,000,000 operating hours for a particular piece of equipment, 80 of these failed and had to be replaced. 1f 80 units fail in 1,000,000 hours, the MTTF of one piece of equipment is 1,000,000 30 2,500 hours 52.3.4. Mean time between failures (MTBF) In the case of components or system elements that can be repaired, failure rates are often expressed in terms of the mean time between failures (MTBF) rather than mean time to failure (MTTF). This is a measure of the average time that a piece of equipment performs its function without requiring repair (although it may require routine scheduled maintenance). Many components cannot be repaired; they can fail only once in their lifetime after which they have to be replaced. However, in more complex systems, elements can usually be repaired: faulty components on circuit boards or faulty boards in equipment racks can be replaced and breaks in cables can be repaired. Example ‘A television rental company operates their sets for an average of 900 hours per year. The company records show that during one year 26,300 of its 210,000 rented televisions had to be repaired, ‘Total number of operating hours = 210,000 x 900 = 189 x 10° hours. 189%10° 26300 ‘The estimated MTBF = = 7,200 hours. Because MTBF is a statistical quantity, a large number of faults must be recorded in order to establish ‘confidence in the result. Testing one piece of equipment for a very long time is impracticable. It is usual to test a large number of samples simultaneously for a shorter period, and to determine the total number of faults in the total operating time for all of the equipment. This method assumes that burn-in and wear-out failure modes are not involved. 2.3.5. Availability and mean time to repair (MTTR) ‘The average time needed for repairs is known as the mean time to repair (MTTR). It must be taken into account when calculating availability. Repair times need to be considered when using MTBFs to estimate the effective reliability of the system, In practice the MTTTR can depend on a whole range of factors including: - © Time needed to learn about the fault. Time needed to locate the fault. © Time needed to isolate the fault. ‘* Time needed to gain access to the fault. + Access to the service engineer and time needed to reach site. ‘© Availability of (and delivery time of) spare parts. ‘* Time needed to repair the fault and to make any necessary adjustments and perform tests. ‘The availability ofa system or of a component isthe proportion of time for which itis operating correctly. Itis the ratio of operational time to total time, which isthe sum of the operational and repair times. MTBF ee Equation 6 MIBF+MTTR = ‘Availability = ‘System users are sometimes more concerned with the availability rather than the reliability of such systems. Its usually important fo maximise the proportion of time a system is available, and this can involve trade- offs between component reliability and repair time. For instance, hard-wired components are usually much ‘more reliable than plug-in ones, because of the relatively high failure rates of connections. On the other hhand, the repair times of plug-in components may be much shorter than those for hard wired ones because they can simply be replaced. The use of plug-in components can result in higher availability, but with a higher failure rate. ‘The optimum balance depends on the absolute values of MTBF and MTTR. 162.4, The reliability of system and system elements 2.4.1. Reliability block diagrams It is useful to represent the system undergoing analysis in the form of a reliability block diagram (RBD). ‘The main purpose of producing reliability assessments isto enable the user to: - (2) Compare one product against another. (b) Compare the merits of different distribution systems. (©) Compare the difference in the magnitude of the reliability assessment between the different systems under evaluation. ‘The principle benefits’ are as follows: - (a) The pictorial representation means that models are easily understood and therefore readily checked (b) Block diagrams are used to identify the relationship between elements in the system. The overall system reliability can then be calculated from the reliability of the blocks using the laws of probability, (©) The block diagrams can readily be interpreted in the case of elements that are, in reliability terms, (@ Block diagrams can be used for the evaluation of system availability provided that both the repair of blocks and failures are independent events, ie. provided the time taken to repair a block is ‘dependant only on the block concerned and is independent of repair to any other block. ‘The main limitations of the RBD technique are as follows: - (a) This method cannot model systems in which the sequence of failures affects the outcome (i.e. order dependant failures), (b) This method cannot model maintenance strategies. (©) Fora given system, each failure or success definition needs a separate block diagram. Figure 6 shows two warning lamps that form part of a control panel. Figure 6 - Example of RBD —®—_2— (a) In Series @ & (b) In Paraltel ‘They are in series in diagram (a) and in parallel in diagram (b). As a warning system, (a) fails at the first failure of a lamp whereas (b) fails only when both lamps have failed. Arrangement (b) is more resilient and s0 is clearly preferable to (a). If it were not possible to have two bulbs in parallel, it would be better to have just one, rather than two in series. Although the failure of one or the other bulb is more likely with two ‘bulbs than with one, the parallel combination increases the availability of the warming system, In terms of reliability, the components of (a) are in series because the system fails if either of the components fails and those of (b) are in parallel because the system fails only if both its components fail, 7Figure 7 shows two RC elements which could each form part of a filter. From an electrical point of view, () isa series and (b) a parallel circuit. However, both circuits fail if either of their components fail, so in reliability terms the components are in series in both cases. Figure 7- RC circuit in series and parallel —1}—t+— (2) RC Circuit in series Sah (b) RC Circuit in paralie Figure 8 - Two switches in series So ‘Two switches in series ‘Whether the switches in Figure 8 are in series or parallel (in reliability terms) depends on their intended function. If they are to close on command in order to energise an item of equipment, then they are in series (because if one fails the action does not take place). If they are safety switches fitted to interrupt current flow when, say, a door of an equipment cabinet is opened, then they are in parallel in reliability terms because only one is required to operate to achieve the design objective. This example illustrates the need for careful analysis ofthe function of each element. When drawing reliability block diagrams it is usual to represent each element by a box, possibly characterised by an appropriate parameter such as the failure rate or MTBF in hours. Each series or parallel combination is progressively reduced to a single equivalent element until the whole system has been reduced to one single equivalent element. 24,2. Series reliability ‘Components are considered to be in series, in reliability terms, when failure of any one of them causes total failure of that system or part of a system undergoing evaluation. Ifa failure of any part is independent of the operation of the other parts then the reliability of the system is given by the product of the reliability of the parts: - RED =R DR (xR (R(x RGD Equation 7 where R(t) is the system reliability and R, (t) isthe reliability of the kth part ata time t If the failure rate, 2, is constant then the system failure rate R(t) is given by: - Rye! xe RQ eM CM eM ce eT Rie rbrnrhrn th R(D=e™ where R= Ay +22 +Ay toot Ay toot hy Equation 8 1sEquation 9 2.4.3, Parallel reliability Components are considered to be in parallel, in reliability terms, if failure of any one component does not cause the total failure of that system or part undergoing evaluation. This can be referred to as in-built redundancy, i. the inclusion of additional equipment in such a way that a failure of one part does not cause a failure of the whole system. [If the reliability of each partis independent of the other parts then the probability of a system failure is AE) = Qi (1) « Qp 6) Q5 (1) oe Q(X Qa) Equation 10 Where Q(t) is the system unreliability and Qu(t) is the part unreliability. Since R(Q = reliability is easily calculated = Q(t) the system 2.4.4, Calculation examples ‘The following examples illustrate how the calculations are carried out in practice. Example 1 ‘A sub-system element consisting of 12 identical components is required to have a reliability of atleast 0.95. Failure of any component results in failure ofthe system. In terms of reliability, the components are in series, because the system fails if any one of them fails. If Ris the component reliability function, then the requirement is that R’* should be equal to 0.95, or greater. Thus the minimum acceptable value for Ris given by R’* = 0.95, so R must be at least 0.9957, say 0,996. Example 2 A communication system uses two exchanges, each with reliability R = 0.995, linked via three trunk routes, each with a reliability of 0.900. If the selected route fails, the exchanges automatically switch to another route. ‘The reliability diagram for the system is shown in the Figure 9. The three routes are in parallel because any one of them can be used on its own. The reliability of this parallel combination is I - (1 - 0.0900)’ = 0,999 and this is in series with two exchanges, each with reliability 0,995. So the overall system reliability is 0.995 x 0.999 x 0.995 = 0.989, Figure 9 - Reliability diagram 0.900 0.995 0.900 0.995, 0.900 Example 3 Figure 10 shows the RBD of a system in which component 1 has a reliability of 0.95, component 2 a reliability of 0.8, and so on, DFigure 10 - Reliability block diagram 08 08 095 z 3 7 08 v8 faa 7 3 095 09 09 7 095 oes = 3 $ 7 08s 10 ‘The reliability of the whole system is calculated by first merging simple series and parallel combinations. Thus, components 2 and 3 have combined reliability of 0.8 x 0.8 = 0.64, as have components 4 and 5. The reliability of these two parallel groups is 1 - (1 - 0.64) = 0.87. Similarly, components 8 and 9 have combined reliability 0,9 x 0.9 = 0.81, and they are in parallel with component 10, so the reliability of this group is I - (1 - 0.81) (I -0.85) = 0.97. At this stage, the reliability diagram hhas been reduced to that shown in Figure 11. Figure 11 - Reduced reliability block diagram 035 087 T 2345 095 095 om 097 7 6 7 Co) ‘The upper, 2-component, branch in this figure has reliability 0.95 x 0.87 = 0.827, while the lower, 3- ‘component, branch has reliability 0.95 x 0.85 x 0.97 = 0.783. The reliability of the parallel combination of these two branches is 1 - (1 - 0.827)(1 - 0.783) = 0.96, and this combination is in series with ‘component 11, so that the overall system reliability is 0.96 x 0.95 = 0.91. 2.5, Application of reliability 2.5.1. Power system design philosophy In designing any power distribution system the following fundamental elements should always be addressed: - 1) Reliability 2) Resilience 3) Maintainability 4) Capacity 5) Flexibility 6) Interface with Existing Infrastructure 20“The parameters for providing a reliable electrical system include the following: - ‘© The use of modular standby equipment rather than large central plant. © Individual power supplies rather than shared power supplies to the critical load. © Dual feeds (parallel paths) throughout the electrical distribution system with automatic changeover (on failure. ‘© The power distribution, standby generating equipment and the UPS concepts employed should include redundancy and no-break switching, With information available regarding reliability, capacities, maintainability and costs, a suitable scheme can be selected to meet the specification parameters In general, the overall reliability of a system is dependent upon the number and reliability of individual ‘components; a more complex system impairs reliability as more components are involved leading to a greater number of failure points. Therefore, the use of high quality reliable components based on “tried and tested" technology that has undergone an appropriate service period is essential. 2.5.2. Parallel redundancy and standby modes Redundancy is a useful method of increasing reliability and optimising the balance between operation effectiveness and expenditure, In the context of reliability, redundancy signifies that a system will continue to function satisfactorily inspite of the failure of some of the component parts. This resilience to failures is obtained by providing alternative paths of operation, by arranging selected elements of the system in parallel Standby Redundancy Standby redundancy means that an altemative means of performing the function is provided but is inoperative until needed. It is switched on upon failure of the primary means of performing the function. ‘An example of standby redundancy would be the use of a standby generator in a building to ensure continuity of supply in case of a mains failure, The generator is not called for until it is needed when the power supply fails. Such a scheme would not be suitable for a computer system, because data would be lost during the relatively long period required to start the standby generator. Active or Parallel Redundancy In active or parallel redundancy, all redundant units are operating simultaneously rather than being switched ‘on when needed. ‘The mast obvious approach is to use two components, each capable of carrying the full load, so that if one should fail the other will take over - this is referred to as 1+1 redundancy. An alternative approach is to split the load among a number of units, each capable of carrying only a fraction of the load, and provide just one additional redundant unit - this is referred to as N+ redundancy. For very critical Toads, more than one fully rated redundant unit may be provided. For example, a 1+2 redundancy scheme ‘would have two fully rated redundant units supporting the single operating unit and would requite all three units to fail before the system fails. Because there is no interruption, active redundancy is suitable for ‘computer installations. N41 and 1+1 Redundancy [As discussed earlier, the theory of redundancy is that should a component within a system fail, the system will continue to function because alternative paths are available for the system to operate. In Figure 12 the system will function with either Al or A2 operating. Should component AI fail, the system will continue to function. This type of redundancy is termed 1+1, as there is 100% redundancy available, 2Figure 12 -1+1 Redundancy At In the system shown in Figure 13 two out of the three components are required for the system to function and there is one redundant component. In this scenario, the system would be called 2+1. In each case, the first number refers to the number of components required for the system to function correctly and the second mumber refers to the number of standby components available. Figure 13 - N41 Redundancy AL — 3} A3 as Its possible to have many redundant components that would significantly improve the reliability of the system. However, this would also be expensive and in most applications a balance is achieved between reliability and economics. Figure 14 - Examples of redundancy Al [2% A2 Le0%} A {2%} 2+ 1 Redundancy At A2 A3 N +1 Redundancy 1 +2 Redundancy 2B